
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.uspto.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



CONFIRMATION NO. 



09/651,619 



08/30/2000 



7590 



04/06/2004 



Harry F Smith Esq 

Ohlandt Greeley Ruggiero & Perle LLP 

One Landmark Square 

Suite 903 

Stamford, CT 06901 



Richard H. Boive 



YOR9-0351 



1129 



EXAMINER 



MOORTHY, ARAVIND K 



ART UNIT 



PAPER NUMBER 



2131 

DATE MAILED: 04/06/2004 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 





. «l 






1 • 1 


Application No. 


Applicant(s) 




Office Action Summary 


uy/DO i ,o i y 


BOIVE, RICHARD H. 


Examiner 

Aravind K Moorthy 


Art Unit 

2131 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

I) ^ Responsive to communication(s) filed on 30 August 2000 . 
2a)D This action is FINAL. 2b)03 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quay/e, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) [3 Claim(s) 1-21 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) [3 Claim(s) 1-21 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) E3 The specification is objected to by the Examiner. 

10)13 The drawing(s) filed on 30 August 2000 is/are: a)E3 accepted or b)D objected to by the Examiner. 
Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

I I) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)Q Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



1. Claims 1-21 are pending in the application. 



2. Claims 1-21 have been rejected. 



Specification 



3. Applicant is reminded of the proper language and format for an abstract of the disclosure. 

The abstract should be in narrative form and generally limited to a single paragraph on a 
separate sheet within the range of 50 to 150 words. It is important that the abstract not exceed 
150 words in length since the space provided for the abstract on the computer tape used by the 
printer is limited. The form and legal phraseology often used in patent claims, such as "means" 
and "said," should be avoided. The abstract should describe the disclosure sufficiently to assist 
readers in deciding whether there is a need for consulting the full patent text for details. 

The language should be clear and concise and should not repeat information given in the 
title. It should avoid using phrases which can be implied, such as, "The disclosure concerns," 
"The disclosure defined by this invention," "The disclosure describes," etc. 

The abstract exceeds the 150-word limit. 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the invention 
thereof by the applicant for patent. 

The changes made to 35 U.S.C 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 



Claim Rejections - 35 USC §102 
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reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre-ABPA 
35U.S.C. 102(e)). 

4. Claims 1, 2 and 5-8 are rejected under 35 U.S.C 102(e) as being anticipated by Raz et al 
U.S. Patent No. 6,529,515 Bl. 

As to claims 1, 9 and 16, Raz et al discloses operating a traceback program on at least one 
path to receive two input parameters, (a) an IP address (v) of the victim machine and (b) an IP 
address (r) of a router that is immediately upstream of the victim machine. Raz et al discloses 
determining a set of routers that are neighbors (n) of r [column 4, lines 24-64]. Raz et al 
discloses that for each neighbor n of r, determining if r is n's next-hop for traffic addressed to v, 
or to a network that v is on, where node n's next-hop for traffic addressed to v is the IP address of 
the node that n will forward a packet to if the destination address in the packet is v. Raz et al 
discloses that if r is not n's next-hop for traffic addressed to v, skip over n and query the next 
neighbor of r, while if r is n's next-hop for traffic addressed to v, determining an amount of 
traffic that n is forwarding to r that is addressed to v [column 9, lines 13-50]. Raz et al discloses 
that after determining the identity of the neighbor n of r that is the principal source of packets 
flowing to r that are addressed to v, continuing one node further upstream from the determined 
neighbor n of r that is the principal source of packets flowing to r that are addressed to v, and 
continuing to traceback through interconnected routers until a source of denial-of-service attack 
packets to v is determined or until further traceback is not possible [column 10, lines 26-53]. 

As to claims 2 and 10, Raz et al discloses that the step of determining the set of neighbors 
comprises a step of sending at least one query to r to obtain information from a MEB that stores 
IP addresses of routers that are neighbors of r [column 12, lines 22-45]. 
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As to claims 5 and 12, Raz et al discloses that the step of determining an amount of 
traffic comprises a step of sending at least one message to a neighbor router n for determining a 
count of packets that router n is sending to router r that are addressed to v or to a network on 
which v resides [column 7, lines 10-24]. 

As to claim 17, Raz et al discloses that the steps of determining and querying each 
comprise a step of sending queries to the data communications network [column 10, lines 12-25]. 

As to claim 18, Raz et al discloses that the step of querying comprises steps of: sending a 
first network message to a packet router for instructing the packet router to determine a number 
of packets that it is sending addressed to v. Raz et al discloses sending a second network 
message to the packet router to query the packet router for the determined number [column 11, 
lines 49-59]. 

As to claim 19, Raz et al discloses that the step of querying comprises a step of sending at 
least one message to a packet router for determining a number of packets being forwarded to or 
towards v [column 7, lines 10-24], 

As to claim 21, Raz et al discloses that the step of operating the traceback function 
operates the traceback function on a plurality of selected paths. Raz et al discloses that a 
particular path is selected based at least on an amount of traffic flowing through the path 
traceback through interconnected routers until a source of denial-of-service attack packets to v is 
determined, or until further traceback is not possible [column 6 line 66 to column 7 line 24]. 




Application/Control Number: 09/651,619 
Art Unit: 2131 



Page 5 



Claim Rejections - 35 USC §103 



The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

5. Claims 3, 4 and 11 are rejected under 35 U.S.C. 103(a) as being unpatentable over Raz 

et al U.S. Patent No. 6,529,515 Bl as applied to claims 1 and 9 above, and further in view of 

Li et al U.S. Patent No. 6,535,507 Bl. 

As to claims 3, 4 and 1 1, Raz et al does not teach that the step of determining if r is n's 
next-hop for traffic addressed to v comprises a step of sending at least one query to router n. Raz 
et al does not teach that the step of sending at least one query queries an IP Forwarding Table 
MIB of router n. 

Li et al teaches determining if r is n's next-hop for traffic addressed to v comprises a step 
of sending at least one query. Li et al teaches sending at least one query queries an IP 
Forwarding Table [column 6, lines 46-54]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Raz et al so that if it was determined that if r was 
n's next-hop for traffic addressed to v then a query would have been sent to router n. The query 
would have been an EP Forwarding Table of router n. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Raz et al by the teaching of Li et al because it provides 
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automated maintenance of translation tables which may be tailored to meet the operating policy 
of network managers that control respective domains [abstract]. 

6. Claims 6 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable over Raz et 
al U.S. Patent No. 6,529,515 Bl as applied to claims 1 and 9 above, and further in view of 
Bhaskaran U.S. Patent No. 5,963,540. 

As to claims 6 and 13, Raz et al does not teach a step of establishing a black hole host 
route to v as close as is possible to the source of the denial-of-service attack packets. 

Bhaskaran teaches establishing a black hole host route to v as close as is possible to the 
source of the attack [column 1, lines 53-67]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Raz et al so that there would have been a black 
hole host route as close as possible to the source of the attack. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Raz et al by the teaching of Bhaskaran because it helps 
reduce the amount of denial of service attack packets in the network [column 1, lines 25-39] 

7. Claims 7 and 14 are rejected under 35 U.S.C. 103(a) as being unpatentable over Raz et 
al U.S. Patent No. 6,529,515 Bl as applied to claims 1 and 9 above, and further in view of 
Hughes U.S. Patent No. 6,636,509 Bl. 

As to claims 7 and 14, Raz et al does not teach a step of establishing a special host route 
to v using the same next hop as an existing route. Raz et al does not teach that the special host 
route tracking changes in the existing route such that when a next hop for the existing route 
changes, the next hop for the host route changes similarly. 
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Hughes teaches establishing a special host route to v using the same next hop as an 
existing route. Raz et al does not teach that the special host route tracks changes in the existing 
route such that when a next hop for the existing route changes, the next hop for the host route 
changes similarly [column 6, lines 11-67]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Raz et al so that there would have been a special 
route using the same next hop as an existing route. The special host route would have tracked 
changes in the existing routes so that when a next hop for the exiting route changed, the next hop 
for the host route would have changed similarly. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Raz et al by the teaching of Hughes because by using 
special routes it reduces the amount of hops in the routing table [column 3, lines 6-29] 
8. Claims 8 and 15 are rejected under 35 U.S.C. 103(a) as being unpatentable over Raz et 
al U.S. Patent No. 6,529,515 Bl as applied to claims 1 and 9 above, and further in view of 
Packer U.S. Patent No. 6,298,041 Bl. 

As to claims 8 and 15, Raz et al does not teach a step of establishing a rate limit for 
packets addressed to v as close as is possible to the source of the denial-of-service attack packets. 

Packer teaches establishing a rate limit for packets addressed [column 4 line 50 to column 
5 line 7]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Raz et al so that there would have been a rate 
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limit for packets addressed to v as close as is possible to the source of the denial-of-service 
attack packets. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Raz et al by the teaching of Packer because rate control is 
introduced into a level of a packet communication environment at which there is a lack of data 
rate supervision to control assignment of available bandwidth from a single logical link to 
network flows [column 3, lines 22-32], 

9. Claim 20 is rejected under 35 U.S.C 103(a) as being unpatentable over Raz et al U.S. 
Patent No. 6,529,515 Bl as applied to claim 16 above, and further in view of Bare U.S. 
Patent No. 6,456,597 Bl. 

As to claim 20, Raz et al does not teach establishing at least one of a black hole host route 
to v as close as is possible to the source of the undesirable packets. Raz et al does not teach 
establishing a special host route to v using the same next hop as an existing route, the special 
host route tracking changes in the existing route such that when a next hop for the existing route 
changes, the next hop for the host route changes similarly. Raz et al does not teach establishing a 
rate-limit for packets addressed to v as close as is possible to the source of the denial-of-service 
attack packets. 

Bare teaches establishing at least one of a black hole host route to v as close as is possible 
to the source of the undesirable packets [column 41 line 66 to column 42 line 45. Bare teaches 
establishing a special host route to v using the same next hop as an existing route, the special 
host route tracking changes in the existing route such that when a next hop for the existing route 
changes, the next hop for the host route changes similarly [column 38 line 33 to column 39 line 
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13]. Bare teaches establishing a rate-limit for packets addressed to v as close as is possible to the 
source of the denial-of-service attack packets [column 77, lines 51-60]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Raz et al so that a black hole host route would 
have been established as close as is possible to the source of the undesirable packets. A special 
host route using the same next hop as an existing route would have been established, the special 
host route tracking changes in the existing route such that when a next hop for the existing route 
changes, the next hop for the host route changes similarly. There would have been a rate-limit 
for packets addressed to v as close as is possible to the source of the denial-of-service attack 
packets. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Raz et al by the teaching of Packer because using any of 
the above methods, you reroute any undesired packets away from the network. 
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Conclusion 



10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K Moorthy whose telephone number is 703-305-1373. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 703-305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Aravind K Moorthy 
April 1, 2004 



SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




